Electronic signature verification method implemented by secret key infrastructure

ABSTRACT

An electronic signature verification method implemented by SKI infrastructure adopts a secret key infrastructure (SKI) system for registering a secret key and issuing a signature key and a verification key. After a signer has completed a signature, a signature data, a verification data and a verification key encrypted by the secret key of a signature verification unit are sent to a recipient. After the recipient has received the data, a user needs to send the verification data and the encrypted verification key to a signature verification unit if the user wants to confirm the signature on the signature data. The signature verification unit uses a secret key authorized by the SKI for the decryption to obtain the verification key and uses the verification key to verify the verification data and confirm the existence of the signature of the signature data, so as to authenticate the signature of the signature data.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to an electronic signature, and moreparticularly to an electronic signature created by a secret keyinfrastructure (SKI) system.

2. Description of Prior Art

In the present digital era, most people are living in an environmentwith various different convenient electronic products. As thedevelopment of the Internet advances, our electronic life is promoted toa higher level.

Electronic products definitely give tremendous convenience to users,particularly when we use these electronic products together with theInternet, and these products allow us to do many things that have neverbeen accomplished. “Knowing things in the whole wide world withoutstepping out your house” is no longer a dream anymore. In recent years,we can do things involving personal confidential data such as anelectronic transaction and an electronic signature by going throughregistration, logon, and identity authentication procedures, in additionto the function of obtaining information on the Internet. In the past,we had to go out and handle these affairs in person, but we can do manyof these matters via the Internet, and thus the Internet has reached itspeak of utilization.

Although network applications including electronic transactions andelectronic signatures are very convenient and popular, their practicaluse is closely related to personal confidential data. Thus, there areconcerns on how to maintain the information security and verify a user'sidentity. At present, many applications of the Internet require a userto enter a password to confirm the user's identity, but unauthorizeduses of a fixed password occur very often, or a password with a very lowsecurity is cracked by unauthorized persons easily. Therefore, theverification method based on the user's password is inappropriate andinsufficient for electronic signatures. Obviously, an applicationcapable of withstanding offline attacks is needed.

To overcome the aforementioned drawback, some designers andmanufacturers proposed the famous public key infrastructure (PKI)system. The PKI system uses a pair of asymmetric matched public key andprivate key as the keys for encryption and decryption. All public keyssubmitted for an application are safe kept by a trusted third party,namely a certificate authority (CA). Any person who requires averification document can submit an application to the CA to inquire apublic key. After a first user encrypts a document by the user's privatekey, and a second user receives the document, the second user can filean application to request the CA for the safe kept public key of thefirst user in order to decrypt the document. If the decryption issuccessfully, then it shows that the document is encrypted by the firstuser. If the second user uses a public key of the first user kept by theCA to encrypt the document, and the first user is the only receiver ofthe document, then the only private key known by the first user can beused for the decryption.

The PKI system has the features of confidentiality and non-repudiationthat catch the attention of the manufacturers in the industry, and thusthe PKI system is applicable for electronic signatures. However, thesystems of this sort require a high cost, such that a company withoutsufficient budget has to bear a risk and select a verification methodwith a relatively lower level of confidentiality and a cheaper cost. Inview of the aforementioned shortcomings of the prior art, the presentinvention provides an electronic signature verification method with arelatively lower cost to improve the security greatly.

SUMMARY OF THE INVENTION

It is a primary objective of the present invention to overcome theshortcomings of the prior art by providing an electronic signatureverification method implemented by an existing secret key infrastructure(SKI) system which is used as a registration center for registering asecret key and an issuance center for issuing verification keys. Sincethe secret keys stored in the SKI must be accessed and used easily byusers, therefore the secret keys are not powerful enough to counteractan offline attack. In a verification method of the present invention, atrusted third party acts as a signature verification center and adopts apowerful secret key protection to create a more powerful securitymechanism.

Another objective of the present invention is to provide an electronicsignature verification method implemented by the SKI infrastructure,wherein the signature verification key issued by the signatureverification key issuance center adopts a double encryption, such that areceiver is unable to a verification key directly after a signeddocument is received, and the signed document is handled by a trustedthird party signature verification center for a further verification.

The signature verification method of the present invention can provide asignature verification of a higher level of security than the originalsystem in the existing hardware infrastructure, so that users canconcurrently take care of the issues of a high cost and a low security.

To achieve the foregoing objectives, the present invention uses a secretkey infrastructure (SKI) system to register a secret key and issue asignature verification key, such that after a signer has completed asignature, a signature data, a verification data and a verification keyencrypted by a secret key of the signature verification unit aretransmitted to a recipient, and after the recipient has received thedata and wants to confirm the validity of the signature data, theverification data and the encrypted verification key are transmitted toa signature verification unit, and the signature verification unitdecrypts the encrypted verification key by using a secret key authorizedby the SKI, in order to obtain the verification key and verify theverification data by using the verification key for the confirmation ofthe validity of the signature data of the signature.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a schematic diagram of an electronic signature verificationmethod implemented by a SKI infrastructure in accordance with thepresent invention;

FIGS. 2 a, 2 b and 2 c are schematic diagrams of packets of anelectronic signature verification method implemented by the SKIinfrastructure in accordance with the present invention;

FIG. 3 is a flow chart of a signature process of an electronic signatureverification method implemented by the SKI infrastructure in accordancewith the present invention; and

FIG. 4 is a flow chart of a verification process of an electronicsignature verification method implemented by the SKI infrastructure inaccordance with the present invention.

DETAILED DESCRIPTION OF THE INVENTION

The present invention is illustrated by a preferred embodiment andrelated drawings and described in details as follows.

With reference to FIG. 1 for a schematic diagram of an electronicsignature verification method implemented by the SKI infrastructure inaccordance with the present invention, the method is implemented by asecret key registration center 1, a signature verification key issuancecenter 2 and a signature verification center 3. These three centers aretrusted third parties (TTP) with unquestionable fairness andtrustfulness. An existing secret key infrastructure (SKI) system such asa Kerberos system or a Radius system acts as the secret key registrationcenter 1 and the key issuance center 2, but such arrangement is usedhere for illustrating as an embodiment of the present invention, but notintended to limit the scope of the present invention.

With reference to FIG. 3 for a flow chart of a signature process of anelectronic signature verification method implemented by the SKIinfrastructure in accordance with the present invention, a signer 4 andthe verification center 3 register a first secret key 6 a and a secondsecret key 6 b to the registration center 1 (Step S30). The secondsecret key 6 b registered by the verification center 3 can be asymmetric secret key or an asymmetric pair of public key and privatekey, but the present invention is not limited to such arrangement only.

If the signer 4 wants to sign a document, the signer 4 applies for a keyfrom the key issuance center 2 (Step S32). The issuance center 2randomly generates a signature key 7 a and a verification key 7 b, andrequests the registration center 1 for the first secret key 6 aregistered by the signer 4 and the second secret key 6 b correspondingto the first secret key 6 b according to the identity of the signer 4.The key issuance center 2 uses the second secret key 6 b to encrypt asecond packet 8 b, and the first secret key 6 a to encrypt a firstpacket 8 a (Step S34). Finally, the first packet 8 a is transmitted tothe signer 4 (Step S36), wherein the first packet 8 a comprises thesignature key 7 a and the second packet 8 b, and the second packet 8 bcomprises the data of the verification key 7 b, the issuance time of thesignature key and the verification key 7 b 1 and the signer's identity41. However, the contents of the packets can be modified according toactual requirements, and the contents of the packets are shown in FIGS.2 a, 2 b and 2 c, wherein the signature key 7 a and the verification key7 b issued by the key issuance center 2 can be the same symmetricsession key 3, or a pair of corresponding asymmetric session keys (or anephemeral key pair), but the present invention is not limited to sucharrangement only.

If the signer 4 receives the first packet 8 a transmitted from the keyissuance center 2, then the first secret key 6 a provided by theregistration center 1 is used for the decryption (Step S38) to obtainthe signature key 7 a and the second packet 8 b. If the signature key 7a and the verification key 7 b are a pair of asymmetric session keys,then the signature key 7 a is used for signing the document (Step S3 a)to produce a signed document 9. If the signature key 7 a and theverification key 7 b are same symmetric session key, then the signer 4can use the signature key 7 a to produce an information certificationfile 10 (Step S3 c). Finally, the signer 4 transmits a third packet 8 cincluding the document (or the signed document 9), the informationcertification file 10 (wherein the information certification file 10will not be produced if the signed document 9 is produced) and thesecond packet 8 b to a recipient 5 (Step S3 e). After the recipient 5receives the above, the signed document 9 or the informationcertification file 10 is used for verifying the validity of thesignature.

It is noteworthy to point out that the first packet 8 a can selectivelyinclude data such as the application time 7 a 1 and the issuance time 7a 2 of the signature key and the verification key, the signer's identity41, such that after the signer 4 has received and decrypted the firstpacket 8 a, the signer 4 can send these data to the signatureverification center 3 to verify the data directly, and the signatureverification center 3 returns a verification result to the signer 4, sothat the signer 4 can perform a test.

With reference to FIG. 4 for a flow chart of a signature verificationprocess of an electronic signature verification method in accordancewith the present invention, the recipient 5 receives the third packet 8c from the signer 4 (Step S40). If the recipient 5 wants to verifywhether or not the signature is valid, the signed document 9 or theinformation certification file 10, and the second packet 8 b will betransmitted to the verification center 3 (Step S42). After theverification center 3 has received the above, the second secret key 6 bregistered to the registration center 1 by the verification center 3 ora corresponding private key used for encrypting a public key of thesecond packet 8 b is used to decrypt the second packet 8 b to obtain theverification key 7 b and the signature information (Step S44). Theverification center 3 uses the verification key 7 b to verify whether ornot the signed document 9 or the information certification file 10 isvalid (Step S46), and the verification center 3 is responsible for thevalidity of the signer's identity 41 of the signed document 9, whereinthe verification center 3 verifies the signed document 9 or theinformation certification file 10 according to the types of thesignature key 7 a and the verification key 7 b, since the datatransmitted from the recipient 5 to the verification center 3 will notcontain both of the signed document 9 and the information certificationfile 10 at the same time.

If a valid signature is confirmed, the signature information includingthe issuance time 7 b 1 of the signature key and the verification keyissuance time 7 b 1 and the signer's identity 41 will be returned to therecipient 5 (Step S48). If the verification center 3 receives unmatchedsignature information, the verification center 3 will not verify thesigned document 9 or the information certification file 10, but it willdirectly return an error message to the recipient 5.

While the invention has been described by means of specific embodiments,numerous modifications and variations could be made thereto by thoseskilled in the art without departing from the scope and spirit of theinvention set forth in the claims.

1. An electronic signature verification method, employing a secret keyinfrastructure (SKI) to act as a secret key registration center and asignature verification key issuance center, and a trusted third party toact as a signature verification center, and the method processing adocument signed by a signer computer, and comprising: (a) the signercomputer registering a first secret key to the secret key registrationcenter; (b) the signature verification center registering a secondsecret key to the secret key registration center; (c) the signercomputer applying for a signature key and a verification key to thesignature verification key issuance center; (d) the signatureverification key issuance center encrypting a second packet by thesecond secret key, and the second packet comprising the verificationkey; (e) the signature verification key issuance center encrypting afirst packet by the first secret key, and the first packet comprisingthe signature key and the second packet; (f) the signature verificationkey issuance center transmitting the first packet to the signercomputer; (g) the signer computer using the signature key to sign adocument to produce a signed document, after decrypting the first packetby using the first secret key; (h) the signer computer transmitting athird packet to a recipient computer, and the third packet comprisingthe signed document and the second packet; (i) the recipient computertransmitting the signed document and the second packet to the signatureverification center; (j) the signature verification center using theverification key to verify whether or not the signed document is valid,after decrypting the second packet by using the second secret key; and(k) the signature verification center returning a verification result tothe recipient computer, wherein the secret key registration center, thesignature verification key issuance center, and the signatureverification center are implemented by computer servers physicallyseparated from each other and the signer computer and the recipientcomputer are physically separated from each other and physicallyseparated from the computer servers.
 2. The electronic signatureverification method of claim 1, wherein the signature verification keyissuance center is acted by a Kerberos system or a Radius system.
 3. Theelectronic signature verification method of claim 1, wherein thesignature key and the verification key in the Step (c) are symmetricsession keys.
 4. The electronic signature verification method of claim1, wherein the signature key and the verification key in the Step (c)are an asymmetric session key pair.
 5. The electronic signatureverification method of claim 1, wherein the first packet described inthe Step (e) further comprises an issuance time of the signature key andthe verification key and a signer's identity.
 6. The electronicsignature verification method of claim 5, further comprising a step (f1)after the Step (f) takes place, and in the Step (f1), the signercomputer transmits the issuance time of the signature key and theverification key and the signer's identity to the signature verificationcenter for verifying, after the first packet is decrypted.
 7. Theelectronic signature verification method of claim 6, further comprisinga step (f2) after the Step (f1) takes place, wherein in the Step (f2),the signature verification center returns a verification result to thesigner computer.
 8. The electronic signature verification method ofclaim 1, wherein the second packet described in the Step (d) furthercomprises an issuance time of the signature key and the verification keyand a signer's identity.
 9. The electronic signature verification methodof claim 8, further comprising a step (j1) after the Step (j) takesplace, wherein in the Step (j1), the signature verification centerreturns an invalid signature message to the recipient computer if thereis an error of the issuance time of the signature key or theverification key or the signer's identity after the second packet isdecrypted.
 10. The electronic signature verification method of claim 9,wherein the Step (k) returns the issuance time of the signature key andthe verification key and the signer's identity to the recipient computerafter the signature document is verified to be valid.
 11. The electronicsignature verification method of claim 1, wherein the first packet asdescribed in the Step (e) further includes an application time of thesignature key and the verification key.
 12. An electronic signatureverification method, employing a secret key infrastructure (SKI) to actas a secret key registration center and a signature verification keyissuance center, and a trusted third party to act as a signatureverification center, and the method processing a document signed by asigner computer, and comprising: (a) the signer computer registering afirst secret key to the secret key registration center; (b) thesignature verification center registering a second secret key to thesecret key registration center; (c) the signer computer applying for asignature key and a verification key to the signature verification keyissuance center; (d) the signature verification key issuance centerencrypting a second packet by the second secret key, and the secondpacket comprising the verification key; (e) the signature verificationkey issuance center encrypting a first packet by the first secret key,and the first packet comprising the signature key and the second packet;(f) the signature verification key issuance center transmitting thefirst packet to the signer computer; (g) the signer computer using thesignature key to create an information certification file, afterdecrypting the first packet by using the first secret key; (h) thesigner computer transmitting a third packet to a recipient computer, andthe third packet comprising the document, the information certificationfile and the second packet; (i) the recipient computer transmitting theinformation certification file and the second packet to the signatureverification center; (j) the signature verification center using theverification key to verify whether or not the information certificationfile is valid, after decrypting the second packet by using the secondsecret key; and (k) the signature verification center returning averification result to the recipient computer; wherein the secret keyregistration center, the signature verification key issuance center, andthe signature verification centers are implemented by computer serversphysically separated from each other, and the signer computer and therecipient computer are physically separated from each other andphysically separated from the computer servers.
 13. The electronicsignature verification method of claim 12, wherein the first packetdescribed in the Step (e) further comprises an issuance time of thesignature key and the verification key and a signer's identity.
 14. Theelectronic signature verification method of claim 13, further comprisinga step (f1) after the Step (f) takes place, and in the Step (f1), thesigner computer transmits the issuance time of the signature key and theverification key and the signer's identity to the signature verificationcenter for verifying, after the first packet is decrypted.
 15. Theelectronic signature verification method of claim 14, further comprisinga step (f2) after the Step (f1) takes place, wherein in the Step (f2),the signature verification center returns a verification result to thesigner computer.
 16. The electronic signature verification method ofclaim 12, wherein the second packet described in the Step (d) furthercomprises an issuance time of the signature key and the verification keyand a signer's identity.
 17. The electronic signature verificationmethod of claim 16, further comprising a step (j1) after the Step (j)takes place, wherein in the Step (j1), the signature verification centerreturns an invalid signature message to the recipient computer if thereis an error of the issuance time of the signature key or theverification key or the signer's identity after the second packet isdecrypted.
 18. The electronic signature verification method of claim 17,wherein the Step (k) returns the issuance time of the signature key andthe verification key and the signer's identity to the recipient computerafter the information certification file is verified to be valid. 19.The electronic signature verification method of claim 12, wherein thefirst packet as described in the Step (e) further includes anapplication time of the signature key and the verification key.